1 Reply Latest reply on Jul 25, 2003 3:44 PM by nowy

    problem in jboss-jetty with cached role membership

    edward3h

      Hello, I'm new to this group. I wonder if anyone could help with this problem:

      We have an application running on jboss-jetty, with Form authentication for logging in, backed by a DatabaseServerLoginModule on the JBoss side.

      We have also implemented some screens and EJBs etc. to allow users to be administered from within the application. This is done by writing to the same database tables as the DatabaseServerLoginModule points at, since there is no direct API for user management.

      There seems to be a problem that if we modify a user's role membership after the first time they've logged in, the change does not get picked up the next time they log in, i.e. the role membership is being cached somewhere.

      For example, I create a user 'testuser', giving them role 'user', then log in as that user - everything is ok. Log out, and give the user the role 'admin' in addition (by inserting in the database), then log in as that user again - this time they still only have role 'user' (checked by using request.isUserInRole()), even though from the database they have roles 'user' and 'admin'.

      Has anyone else seen this problem, and is there a workaround? I have tested against JBoss 3.0.5, 3.0.8 and 3.2.1; the behaviour is the same on each.

      I'm not averse to trying to fix this in the source myself, but I thought I should check if anyone else has dealt with it already.

      regards
      Edward Harman
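
The behaviour reported in the post above, modelled as an added example that is not part of the original thread and is not JBoss or Jetty code. `roleTable`, `CachingAuthenticator` and `secondLoginRoles` are hypothetical names, and the model assumes the roles are cached per user name at login, which the post suspects but does not establish. It also runs the reverse case, where a role removed from the table stays in effect.

```java
import java.util.*;

// Constructed model: a map stands in for the roles table that both the
// login module and the in-application admin screens use.
public class StaleRoleCacheDemo {
    static final Map<String, Set<String>> roleTable = new HashMap<>();

    // Hypothetical authenticator that caches each user's roles at login.
    static class CachingAuthenticator {
        private final Map<String, Set<String>> cache = new HashMap<>();
        private final boolean evictOnLogout;

        CachingAuthenticator(boolean evictOnLogout) { this.evictOnLogout = evictOnLogout; }

        // The table is read only on a cache miss; the cached copy is a snapshot.
        Set<String> login(String user) {
            return cache.computeIfAbsent(user,
                    u -> new TreeSet<>(roleTable.getOrDefault(u, Set.of())));
        }

        void logout(String user) {
            if (evictOnLogout) cache.remove(user);
        }
    }

    // Log in, log out, change the table, log in again; return the roles seen.
    static Set<String> secondLoginRoles(boolean evictOnLogout, boolean grantAdmin) {
        Set<String> initial = grantAdmin ? Set.of("user") : Set.of("user", "admin");
        roleTable.put("testuser", new TreeSet<>(initial));
        CachingAuthenticator auth = new CachingAuthenticator(evictOnLogout);
        auth.login("testuser");
        auth.logout("testuser");
        if (grantAdmin) roleTable.get("testuser").add("admin");
        else roleTable.get("testuser").remove("admin");
        return auth.login("testuser");
    }

    public static void main(String[] args) {
        System.out.println("grant,  cache kept:    " + secondLoginRoles(false, true));
        System.out.println("grant,  cache evicted: " + secondLoginRoles(true, true));
        // Revocation is the riskier direction: a removed role remains usable.
        System.out.println("revoke, cache kept:    " + secondLoginRoles(false, false));
        System.out.println("revoke, cache evicted: " + secondLoginRoles(true, false));
    }
}
```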